CKA Forums
Canadian Forums

CKA Moderator
Posted: Wed Aug 03, 2016 1:49 pm
 


A very worthwhile read especially for anyone in IT at a government agency.

http://asd.gov.au/publications/protect/ ... gation.htm [B-o]


CKA Moderator
Posted: Thu Aug 04, 2016 7:50 am
 


Good sound advice!

We employ those strategies and then some. Our Antivirus solution also employs a sandbox for known threats, but also an active component for 0 day threats. It will look at any workstation that starts suspicious activity, and transmit information to a central server to prevent it happening on other workstations.

This was activated recently, when a large email list got an email apparently from a director. It was an exact replica of the Director's email 'stationery' and signature, but the message was obviously written by a non-English speaker, asking the reader to comment on the attached file. The attachment was a zero day crypto locker, wrapped up in a PDF exploit!

Luckily the AV solution spotted the activity, and alerts went out that bumped anyone who opened the attachment off the network. A few file restores, and all was well. Hundreds of workstations and network shares were not compromised. [B-o]

